Difference between revisions of "Active Directory"
Yvonne.milne (Talk | contribs) (Redirected page to LDAP) |
Barrymavin (Talk | contribs) |
||
| (7 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | {{DISPLAYTITLE:Active Directory Integration}} | |
| + | Lianja can optionally use LDAP/Active Directory integration for roles and permissions. | ||
| + | |||
| + | If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the '''Groups''' that the user belongs to correspond to '''Roles''' in the App. | ||
| + | |||
| + | You also need to specify the '''base dn''' as an environment variable which is used as the root to search for groups assigned to a specific user e.g LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com". | ||
| + | |||
| + | For testing you can set LIANJA_LDAP=OFF and use the Lianja users. | ||
| + | |||
| + | So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions. | ||
| + | |||
| + | [[LIANJA_LDAP]]=ON | ||
| + | |||
| + | [[LIANJA_LDAP_SERVER]]=IPaddress[:port] | ||
| + | |||
| + | [[LIANJA_LDAP_BASEDN]]="ou=users,dc=yourdomain,dc=com" | ||
| + | |||
| + | You can test the LDAP/AD authentication using: | ||
| + | |||
| + | [[LDAP_LOGIN()]] | ||
| + | |||
| + | <pre>ldap_login(cUserName, cPassword [, cLdapServer[:port] [, cLdapBasedn]])</pre> | ||
| + | |||
| + | or [[LDAP_USERROLES()]] | ||
| + | |||
| + | <pre>ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])</pre> | ||
| + | |||
| + | This function returns the LDAP/AD '''Groups''' that the user belongs to which correspond to roles in Lianja. | ||
| + | |||
| + | The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified. | ||
| + | |||
| + | If you have any problems with LDAP you can [[SET DEBUG]] ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user. | ||
| + | |||
| + | [[Category:Users and Roles]] | ||
| + | [[Category:Lianja v3.1]] | ||
| + | [[Category:LDAP]] | ||
Latest revision as of 08:42, 3 December 2017
Lianja can optionally use LDAP/Active Directory integration for roles and permissions.
If the environment variable LIANJA_LDAP=ON is set then LDAP user authentication is performed and the Groups that the user belongs to correspond to Roles in the App.
You also need to specify the base dn as an environment variable which is used as the root to search for groups assigned to a specific user e.g LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com".
For testing you can set LIANJA_LDAP=OFF and use the Lianja users.
So just to clarify the following environment variables are required when LDAP/AD is used for roles and permissions.
LIANJA_LDAP=ON
LIANJA_LDAP_SERVER=IPaddress[:port]
LIANJA_LDAP_BASEDN="ou=users,dc=yourdomain,dc=com"
You can test the LDAP/AD authentication using:
ldap_login(cUserName, cPassword [, cLdapServer[:port] [, cLdapBasedn]])
ldap_userroles(cUserName, cLdapServer[:port] [, cLdapBasedn])
This function returns the LDAP/AD Groups that the user belongs to which correspond to roles in Lianja.
The Lianja Cloud Server and the Lianja App Center (runtime) will use LDAP if the above environment variables are specified.
If you have any problems with LDAP you can SET DEBUG ON and a trace file will be written into the debug directory "ldap_xxx.txt" where xxx is the process id of the user.
